Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/854367ff-45b7-4925-99a1-97b01f4fabe8.roa
File:                     854367ff-45b7-4925-99a1-97b01f4fabe8.roa (raw, json)
Hash identifier:          bLGz/K8JPbge58hcR1aJAUcFfSRLmOP9/yc3kQhq+Mw=
Subject key identifier:   D4:CE:3C:7B:FC:29:C6:DA:2F:52:FA:E0:85:B3:D3:AD:30:3A:30:2A
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       132D880ACD3FFB21A63F3032CC48D03685173331
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/854367ff-45b7-4925-99a1-97b01f4fabe8.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        216.221.166.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:2d:88:0a:cd:3f:fb:21:a6:3f:30:32:cc:48:d0:36:85:17:33:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d2:69:52:d1:4e:9b:c7:b2:d5:83:2a:b3:7e:
                    1f:20:85:0d:ca:3a:75:f7:9c:f3:90:de:1b:01:12:
                    27:ce:a5:3a:fb:e9:bf:07:38:e2:40:87:b6:1e:b8:
                    c4:77:2f:9f:42:38:49:aa:5b:c6:0e:1a:69:b0:1d:
                    ac:d1:37:5e:7f:a4:36:b2:fb:ef:7a:35:1d:83:27:
                    9b:38:c0:ae:da:38:77:c6:e9:25:e5:82:a1:06:3a:
                    08:69:88:04:53:84:dc:bb:8b:f0:52:5e:4f:4c:98:
                    86:e7:93:f2:e4:1b:10:30:d5:db:21:4b:26:d6:fb:
                    5f:e8:7a:37:76:1c:20:44:08:a7:1e:f3:ee:fb:9c:
                    07:a8:10:0e:c4:ca:30:81:b6:9a:3d:b9:9a:f1:f4:
                    e6:77:c4:4f:2a:79:e5:8b:2a:75:c3:3f:29:90:39:
                    90:b0:72:ca:90:97:cf:bb:8a:c2:3c:87:5f:37:e4:
                    6f:3e:c1:01:4a:ee:26:ff:55:72:c2:7e:63:9e:85:
                    28:37:f9:19:eb:45:b7:39:af:c5:90:97:c5:70:b6:
                    46:2f:49:82:34:65:23:b5:50:82:14:c0:46:91:03:
                    e7:76:5c:55:8f:7e:cf:0e:f5:02:76:57:5e:2a:28:
                    ec:c2:ab:b5:de:a3:21:00:18:10:78:68:a7:34:f0:
                    a3:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:CE:3C:7B:FC:29:C6:DA:2F:52:FA:E0:85:B3:D3:AD:30:3A:30:2A
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/854367ff-45b7-4925-99a1-97b01f4fabe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.221.166.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:42:f1:14:df:65:0d:ba:78:5b:5b:bf:82:4f:90:53:a8:32:
         d6:1b:4a:f9:e1:11:4a:b9:d0:cb:52:3f:da:b4:00:fa:5f:b2:
         e1:e1:2c:da:dc:d1:59:6b:96:3b:1b:f6:dd:69:dd:05:e7:02:
         f9:ba:dc:e7:69:2d:f6:fa:72:02:71:95:d4:b0:91:d7:ec:7d:
         67:87:db:19:87:5f:9f:a9:92:59:53:32:c2:d5:15:d9:4c:57:
         9e:6f:f5:4e:3a:1b:70:5e:4a:c9:8b:49:3b:d8:c3:27:79:ff:
         85:15:7b:02:d4:5d:e1:7e:2a:76:0b:20:26:b3:0a:09:09:0e:
         87:62:0f:0e:c0:fa:30:22:bc:cd:b0:dc:a9:8b:f4:32:68:6e:
         a7:48:da:ab:fe:16:f5:09:56:db:c0:c8:92:07:22:b6:e8:e6:
         e8:93:23:11:54:9b:f8:bb:7f:b6:4e:ef:b9:ba:6d:cf:ed:87:
         07:3b:6e:18:8e:3c:20:10:98:91:cb:d7:11:cf:3f:93:2b:40:
         f0:47:b0:b1:3d:78:6f:1c:e2:14:7a:e1:15:fa:b7:bb:19:59:
         f8:6d:3d:aa:0c:87:43:36:54:13:52:4f:8c:0d:c7:8d:e4:b6:
         14:6c:ec:19:31:29:ab:0a:4d:6c:d0:ff:e7:cb:e0:37:0e:63:
         17:46:e8:ba
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEy2ICs0/+yGmPzAyzEjQNoUXMzEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmU2OGMxY2MyY2E5NjZlZDgzYzQ3NzhlYTBiMjZlM2I0
YmJhMmIwNDI5ZjlhYTRhNjU1NmI0NWJjMzk1MWJmMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDT0mlS0U6bx7LVgyqzfh8ghQ3KOnX3nPOQ3hsBEifOpTr7
6b8HOOJAh7YeuMR3L59COEmqW8YOGmmwHazRN15/pDay++96NR2DJ5s4wK7aOHfG
6SXlgqEGOghpiARThNy7i/BSXk9MmIbnk/LkGxAw1dshSybW+1/oejd2HCBECKce
8+77nAeoEA7EyjCBtpo9uZrx9OZ3xE8qeeWLKnXDPymQOZCwcsqQl8+7isI8h183
5G8+wQFK7ib/VXLCfmOehSg3+RnrRbc5r8WQl8VwtkYvSYI0ZSO1UIIUwEaRA+d2
XFWPfs8O9QJ2V14qKOzCq7XeoyEAGBB4aKc08KMxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1M48e/wpxtovUvrghbPTrTA6MCowHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzg1NDM2N2ZmLTQ1YjctNDkyNS05OWExLTk3YjAxZjRmYWJlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHY3aYwDQYJKoZIhvcNAQELBQADggEBAHFC8RTfZQ26eFtbv4JPkFOoMtYb
SvnhEUq50MtSP9q0APpfsuHhLNrc0Vlrljsb9t1p3QXnAvm63OdpLfb6cgJxldSw
kdfsfWeH2xmHX5+pkllTMsLVFdlMV55v9U46G3BeSsmLSTvYwyd5/4UVewLUXeF+
KnYLICazCgkJDodiDw7A+jAivM2w3KmL9DJobqdI2qv+FvUJVtvAyJIHIrbo5uiT
IxFUm/i7f7ZO77m6bc/thwc7bhiOPCAQmJHL1xHPP5MrQPBHsLE9eG8c4hR64RX6
t7sZWfhtPaoMh0M2VBNST4wNx43kthRs7BkxKasKTWzQ/+fL4DcOYxdG6Lo=
-----END CERTIFICATE-----
Generated at Mon Feb 10 16:14:41 2025 by rpki-client